El 16/06/11 12:44, Henning Westerholt escribió:
Hi Anto,
having different systems is one solution, you could also just use internally in one server different traffic classes for the user sets you have. You should also look into the htable module for account/ password brute force detection. If you want to implement something w/r to the origination country of certain traffic, there is the geoip module which can provide you this informations, wich you could also combine with the modules already discussed. With regards to user accounts, one thing you probably want to look at is password security and fraud or misuse detection logic. Smart attackers will find ways around your proactive measures, and you need to respond actively, like blocking users after you detected something malicious.
Best regards,
Henning
Hi
There were planning to use the module htable and pike to prevent attacks. The biggest question I have is: if I have an account and simultaneously make a call would be nice, but I have another account to send multiple simultaneous calls, the pike module might detect this as "aggressive" and detect a false positive, if configured a level for the first, nor is it viable proxy depending on several channels. Could be allocated in usr_preference in number of channels, but you might not know ... I can not think how.
Another option is to store a variable login attempts and block the account X minutes. Thank you very much.
Regards Anto